On Tue, May 14, 2013 at 7:26 AM, ananthan <ananthannair...@gmail.com> wrote: > But in case of Method2: > My understanding became completely wrong,even though ip stealing prevention > worked no other things worked.And to make situation worse traffic to vm > worked with out rules priority 304 and 303.how can an additional in_port > make this much difference.Can some one please explain the problem.
You're matching on the destination port being 80, which will only block one direction of the flow. This is enough to prevent traffic from flowing but my guess is that when you added the input port constraint it was for traffic originating in the other direction. As a result, nothing was blocked. > Also When i added "priority=299,in_port=3 actions=drop" i was able to see > ping echo request on tcpdump output.Is it normal as tcpdump capture that > before this flow. Yes, that is normal. _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
